SQLite

Check-in [0da229b81a]
Login

Many hyperlinks are disabled.
Use anonymous login to enable hyperlinks.

Overview
Comment:When parsing the schema, ignore any SQL that does not begin with "CREATE". Cherrypick of [d3c00d61581c].
Downloads: Tarball | ZIP archive
Timelines: family | ancestors | descendants | both | branch-3.8.6
Files: files | file ages | folders
SHA1: 0da229b81ad29d731789c86abadf2abc9bfcd738
User & Date: dan 2015-05-20 19:57:02.125
Context
2015-05-20
20:21
Fix a bug caused by cherrypicking from a branch that assumes sqlite3_stricmp() can handle NULL arguments. (check-in: 2c649cdf7e user: dan tags: branch-3.8.6)
19:57
When parsing the schema, ignore any SQL that does not begin with "CREATE". Cherrypick of [d3c00d61581c]. (check-in: 0da229b81a user: dan tags: branch-3.8.6)
19:53
Detect and report oversized records constructed from multiple zeroblobs. Cherrypick of [9e139afd9211]. (check-in: 4a08f6b8bb user: dan tags: branch-3.8.6)
2015-04-16
00:26
When parsing the schema, ignore any SQL that does not begin with "CREATE". (check-in: d3c00d6158 user: drh tags: trunk)
Changes
Unified Diff Show Whitespace Changes Patch
Changes to src/prepare.c.
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
    return 1;
  }

  assert( iDb>=0 && iDb<db->nDb );
  if( argv==0 ) return 0;   /* Might happen if EMPTY_RESULT_CALLBACKS are on */
  if( argv[1]==0 ){
    corruptSchema(pData, argv[0], 0);
  }else if( argv[2] && argv[2][0] ){
    /* Call the parser to process a CREATE TABLE, INDEX or VIEW.
    ** But because db->init.busy is set to 1, no VDBE code is generated
    ** or executed.  All the parser does is build the internal data
    ** structures that describe the table, index, or view.
    */
    int rc;
    sqlite3_stmt *pStmt;







|







63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
    return 1;
  }

  assert( iDb>=0 && iDb<db->nDb );
  if( argv==0 ) return 0;   /* Might happen if EMPTY_RESULT_CALLBACKS are on */
  if( argv[1]==0 ){
    corruptSchema(pData, argv[0], 0);
  }else if( sqlite3_strnicmp(argv[2],"create ",7)==0 ){
    /* Call the parser to process a CREATE TABLE, INDEX or VIEW.
    ** But because db->init.busy is set to 1, no VDBE code is generated
    ** or executed.  All the parser does is build the internal data
    ** structures that describe the table, index, or view.
    */
    int rc;
    sqlite3_stmt *pStmt;
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
          db->mallocFailed = 1;
        }else if( rc!=SQLITE_INTERRUPT && (rc&0xFF)!=SQLITE_LOCKED ){
          corruptSchema(pData, argv[0], sqlite3_errmsg(db));
        }
      }
    }
    sqlite3_finalize(pStmt);
  }else if( argv[0]==0 ){
    corruptSchema(pData, 0, 0);
  }else{
    /* If the SQL column is blank it means this is an index that
    ** was created to be the PRIMARY KEY or to fulfill a UNIQUE
    ** constraint for a CREATE TABLE.  The index should have already
    ** been created when we processed the CREATE TABLE.  All we have
    ** to do here is record the root page number for that index.
    */







|
|







94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
          db->mallocFailed = 1;
        }else if( rc!=SQLITE_INTERRUPT && (rc&0xFF)!=SQLITE_LOCKED ){
          corruptSchema(pData, argv[0], sqlite3_errmsg(db));
        }
      }
    }
    sqlite3_finalize(pStmt);
  }else if( argv[0]==0 || (argv[2]!=0 && argv[2][0]!=0) ){
    corruptSchema(pData, argv[0], 0);
  }else{
    /* If the SQL column is blank it means this is an index that
    ** was created to be the PRIMARY KEY or to fulfill a UNIQUE
    ** constraint for a CREATE TABLE.  The index should have already
    ** been created when we processed the CREATE TABLE.  All we have
    ** to do here is record the root page number for that index.
    */
Changes to test/analyze.test.
355
356
357
358
359
360
361
362
363
364
    UPDATE sqlite_master SET sql='nonsense' WHERE name='sqlite_stat1';
  }
  db close
  catch { sqlite3 db test.db }
  catchsql {
    ANALYZE
  }
} {1 {malformed database schema (sqlite_stat1) - near "nonsense": syntax error}}

finish_test







|


355
356
357
358
359
360
361
362
363
364
    UPDATE sqlite_master SET sql='nonsense' WHERE name='sqlite_stat1';
  }
  db close
  catch { sqlite3 db test.db }
  catchsql {
    ANALYZE
  }
} {1 {malformed database schema (sqlite_stat1)}}

finish_test
Changes to test/index3.test.
47
48
49
50
51
52
53
54
55
56
  execsql {
    PRAGMA writable_schema=on;
    UPDATE sqlite_master SET sql='nonsense';
  }
  db close
  catch { sqlite3 db test.db }
  catchsql { DROP INDEX i1 }
} {1 {malformed database schema (t1) - near "nonsense": syntax error}}

finish_test







|


47
48
49
50
51
52
53
54
55
56
  execsql {
    PRAGMA writable_schema=on;
    UPDATE sqlite_master SET sql='nonsense';
  }
  db close
  catch { sqlite3 db test.db }
  catchsql { DROP INDEX i1 }
} {1 {malformed database schema (t1)}}

finish_test
Changes to test/trigger7.test.
110
111
112
113
114
115
116
117
118
119
  execsql {
    PRAGMA writable_schema=on;
    UPDATE sqlite_master SET sql='nonsense';
  }
  db close
  catch { sqlite3 db test.db }
  catchsql { DROP TRIGGER t2r5 }
} {1 {malformed database schema (t2r12) - near "nonsense": syntax error}}

finish_test







|


110
111
112
113
114
115
116
117
118
119
  execsql {
    PRAGMA writable_schema=on;
    UPDATE sqlite_master SET sql='nonsense';
  }
  db close
  catch { sqlite3 db test.db }
  catchsql { DROP TRIGGER t2r5 }
} {1 {malformed database schema (t2r12)}}

finish_test